package com.tao.config;


import com.tao.config.shiro.RedisCacheManager;
import com.tao.config.shiro.UserRealm;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
@Slf4j
@Configuration
public class ShiroConfig {

    //ShiroFilterFactoryBean
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("getDefaultWebSercurityManager") DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
//设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);

        //添加shiro内置过滤器
        /*
        * anon：无需认证计科访问
        * authc:必须认证才能访问
        * user：必须拥有 记住我 功能才能用
        * perms拥有某个资源的权限才能访问  授权
        * role：拥有某个角色权限才嫩访问
        * */
        LinkedHashMap<String, String> filtermap = new LinkedHashMap<String, String>();
        //        所有人都能访问这个连接
//        filtermap.put("/hellow","anon");
        //需要认证
//        filtermap.put("/add","authc");
//        可以来个 通配符

        filtermap.put("/login.html","anon");
        filtermap.put("/login","anon");
        filtermap.put("/tologin","anon");
        filtermap.put("/","anon");
        filtermap.put("/register","anon");
        filtermap.put("/register.html","anon");
        filtermap.put("/hellow.html","anon");
        //授权
        filtermap.put("/delCoding/**","perms[root]");
        filtermap.put("/delUser/**","perms[root]");
        filtermap.put("/delPic/**","perms[root]");
//        注销
        filtermap.put("/logout","logout");
        filtermap.put("/logout.html","anon");
//        那些被拦截
        filtermap.put("/*","authc");
//        filtermap.put("/login","anon");


        //失败  跳转登陆界面
        //过滤器 过滤到的位置
        bean.setLoginUrl("/hellow.html");
        //未授权跳转
        bean.setUnauthorizedUrl("/");
        //获取 map
        bean.setFilterChainDefinitionMap(filtermap);




        return bean;
    }



    //2 DefaultWebSercurityManager
    @Bean
    public DefaultWebSecurityManager getDefaultWebSercurityManager( UserRealm userRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联realm
        securityManager.setRealm(userRealm);

        return securityManager;
    }

    //1 realm
    // 创建对象  需要自定义
    @Bean
    public UserRealm userRealm(){
        UserRealm userRealm = new UserRealm();
        //还能开启缓存管理
//
//        userRealm.setCacheManager(new RedisCacheManager());  //使用redis缓存
        userRealm.setCacheManager(new EhCacheManager());  //使用Ehcache缓存
        userRealm.setCachingEnabled(true);//全局开启 缓存
        userRealm.setAuthenticationCachingEnabled(true); //认证缓存
        userRealm.setAuthenticationCacheName("authentication");//authentication

        userRealm.setAuthorizationCachingEnabled(true);//授权缓存
        userRealm.setAuthorizationCacheName("authorization");//authorizationCache
//

        return  userRealm;
}

}
